Pentagon Considers Nuclear Retaliation To Big Cyber Attacks

According to the draft for the Pentagon’s 2018 Nuclear Posture Review, the US would consider using nuclear weapons to respond to non-nuclear attacks.

While the Pentagon’s proposed policy change suggests the US should “only consider the use of nuclear weapons in extreme circumstances to defend the vital interests of the United States or its allies and partners,” large cyber-attacks are considered “extreme circumstances.”

After reviewing threats posed by Russia, China, North Korea and Iran, the document reads:

'The United States would only consider the use of nuclear weapons in extreme circumstances to defend the vital interests of the United States, its allies, and partners. Extreme circumstance could include significant non-nuclear strategic attacks. Significant non-nuclear strategic attacks include, but are not limited to, attacks on the US, allied, or partner civilian population or infrastructure, and attacks on US or allied nuclear forces, their command and control, or warning and attack assessment capabilities.'

Notice that “cyber-attack” is not specifically mentioned, but officials who asked to remain anonymous told The New York Times that “large cyber-attacks” could warrant a nuclear response.

Three current and former senior government officials said large cyber-attacks against the United States and its interests would be included in the kinds of foreign aggression that could justify a nuclear response — though they stressed there would be other, more conventional options for retaliation.

The NPR draft acknowledged that Russia has a “new intercontinental, nuclear-armed, undersea autonomous torpedo” and is “developing and deploying new nuclear warheads and launchers.” Russia, the document claims, believes that limited nuclear first use of low-yield weapons would give it an advantage. “Correcting this mistaken Russian perception is a strategic imperative,” it says.

Therefore, the US should develop smaller nukes, new “low-yield” nuclear weapons, which would “enhance deterrence.” One new nuke would be a cruise missile fired from submarines and another a “low-yield” warhead for ballistic missiles from subs.
The US doesn't need more Nukes

But Alexandra Bell, a former senior adviser at the State Department and current senior policy director at the Center for Arms Control and Non-Proliferation, told the Huffington Post, the US already has “4,000 nuclear weapons in our active stockpile, which is more than enough to destroy the world many times over. “So I don’t think it makes a convincing case that we somehow lack capabilities. And, in fact, I don’t think you can make the case that this president needs any more capabilities.”
Two weeks ago, President Donald Trump was bragging about having a “much bigger” and “more powerful” nuclear button that North Korean leader Kim Jong Un.

During the Cold War, nukes guaranteed mutually assured destruction. That same mutual assured destruction has been applied to large-scale cyberwar, knock out our power grid, and we will knock out yours type thing. 

It remains to be seen if the threat of nuking a country for pulling off large cyber-attacks would serve as a deterrent or be the start of doomsday. “Almost everything about this radical new policy will blur the line between nuclear and conventional,” Andrew C. Weber, an assistant defense secretary during the Obama administration, told The New York Times. If the draft is adopted as is, the new policy “will make nuclear war a lot more likely.”

The draft, called “pre-decisional” by the Pentagon, is currently being reviewed by the White House. The final version is expected to be released in February.

CSO Online

You Migh Also Read: 

World Economic Leaders Fear Increasing Cyber Attacks:

Army Chief Urges  UK To Increase Cyber Defence & Attack Capabilities:

2018 Predictions: Full-Scale Cyber War:

 

 

« World Economic Leaders Fear Increasing Cyber Attacks
Employees Are Key To Cybersecurity »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Global Secure Solutions (GSS)

Global Secure Solutions (GSS)

Global Secure Solutions is an IT security and risk consulting firm and authorised ISO training partner for the PECB.

Waterfall Security Solutions

Waterfall Security Solutions

Waterfall Security is focused on protecting critical infrastructure and industrial control systems from remote online cyber attacks,

SiteGuarding

SiteGuarding

SiteGuarding provide website security tools and services to protect your website against malware and hacker exploits.

edgescan

edgescan

edgescan is a cloud-based continuous vulnerability management and penetration testing solution.

AVG Technologies

AVG Technologies

AVG is focused on providing home and business computer users with the most comprehensive and proactive protection against computer security threats.

OneVisage

OneVisage

Our award-winning 3DAuth digital identity platform turns any consumer mobile device into a real-time 3D facial scanner that securely authenticates the user in seconds.

miniOrange

miniOrange

miniOrange is a cloud and on-premise based identity and access management (IAM) solution provider.

Zeguro

Zeguro

Zeguro provides complete cybersecurity risk assessment, mitigation and insurance, allowing you to easily manage your cyber risk.

Cynterra

Cynterra

Cynterra is a next generation cloud cyber security and data analytical service provider offering cloud security compliance, data protection, visibility and threat protection services.

SHIELD

SHIELD

SHIELD is an established end-to-end fraud management solution that blocks fraudulent activities such as account takeovers, fake accounts creation, fraudulent payments, loyalty fraud and more.

Open Cloud Factory

Open Cloud Factory

Open Cloud Factory is a European based security company, that strives to ease the pressure on IT managers, by providing tools to implement your Security Strategy in an effective and easy manner.

Sixgill

Sixgill

Sixgill, an IoT sensor platform company, builds the universal data service and smart process automation software allowing any organization to effectively govern its IoE assets.

Grant Thornton

Grant Thornton

Grant Thornton is one of the world’s leading networks of independent assurance, tax and advisory firms.

Securance Consulting

Securance Consulting

Since 2002, Securance has empowered enterprises to assume proactive security, compliance, and risk management strategies.

Security4Media

Security4Media

Security4Media is a non-profit association set up to reduce risks and support trust in media, in the face of increasing cybersecurity threat levels.

Scope AI

Scope AI

Scope AI is an innovative technology company specializing in quantum security and machine learning.